head 1.3;
access;
symbols
pkgsrc-2016Q4:1.2.0.34
pkgsrc-2016Q4-base:1.2
pkgsrc-2016Q3:1.2.0.32
pkgsrc-2016Q3-base:1.2
pkgsrc-2016Q2:1.2.0.30
pkgsrc-2016Q2-base:1.2
pkgsrc-2016Q1:1.2.0.28
pkgsrc-2016Q1-base:1.2
pkgsrc-2015Q4:1.2.0.26
pkgsrc-2015Q4-base:1.2
pkgsrc-2015Q3:1.2.0.24
pkgsrc-2015Q3-base:1.2
pkgsrc-2015Q2:1.2.0.22
pkgsrc-2015Q2-base:1.2
pkgsrc-2015Q1:1.2.0.20
pkgsrc-2015Q1-base:1.2
pkgsrc-2014Q4:1.2.0.18
pkgsrc-2014Q4-base:1.2
pkgsrc-2014Q3:1.2.0.16
pkgsrc-2014Q3-base:1.2
pkgsrc-2014Q2:1.2.0.14
pkgsrc-2014Q2-base:1.2
pkgsrc-2014Q1:1.2.0.12
pkgsrc-2014Q1-base:1.2
pkgsrc-2013Q4:1.2.0.10
pkgsrc-2013Q4-base:1.2
pkgsrc-2013Q3:1.2.0.8
pkgsrc-2013Q3-base:1.2
pkgsrc-2013Q2:1.2.0.6
pkgsrc-2013Q2-base:1.2
pkgsrc-2013Q1:1.2.0.4
pkgsrc-2013Q1-base:1.2
pkgsrc-2012Q4:1.2.0.2
pkgsrc-2012Q4-base:1.2
pkgsrc-2012Q3:1.1.0.38
pkgsrc-2012Q3-base:1.1
pkgsrc-2012Q2:1.1.0.36
pkgsrc-2012Q2-base:1.1
pkgsrc-2012Q1:1.1.0.34
pkgsrc-2012Q1-base:1.1
pkgsrc-2011Q4:1.1.0.32
pkgsrc-2011Q4-base:1.1
pkgsrc-2011Q3:1.1.0.30
pkgsrc-2011Q3-base:1.1
pkgsrc-2011Q2:1.1.0.28
pkgsrc-2011Q2-base:1.1
pkgsrc-2011Q1:1.1.0.26
pkgsrc-2011Q1-base:1.1
pkgsrc-2010Q4:1.1.0.24
pkgsrc-2010Q4-base:1.1
pkgsrc-2010Q3:1.1.0.22
pkgsrc-2010Q3-base:1.1
pkgsrc-2010Q2:1.1.0.20
pkgsrc-2010Q2-base:1.1
pkgsrc-2010Q1:1.1.0.18
pkgsrc-2010Q1-base:1.1
pkgsrc-2009Q4:1.1.0.16
pkgsrc-2009Q4-base:1.1
pkgsrc-2009Q3:1.1.0.14
pkgsrc-2009Q3-base:1.1
pkgsrc-2009Q2:1.1.0.12
pkgsrc-2009Q2-base:1.1
pkgsrc-2009Q1:1.1.0.10
pkgsrc-2009Q1-base:1.1
pkgsrc-2008Q4:1.1.0.8
pkgsrc-2008Q4-base:1.1
pkgsrc-2008Q3:1.1.0.6
pkgsrc-2008Q3-base:1.1
cube-native-xorg:1.1.0.4
cube-native-xorg-base:1.1
pkgsrc-2008Q2:1.1.0.2;
locks; strict;
comment @# @;
1.3
date 2017.02.05.13.19.27; author wiz; state dead;
branches;
next 1.2;
commitid LcDMssYPXXnouLEz;
1.2
date 2012.11.02.19.02.51; author shattered; state Exp;
branches;
next 1.1;
1.1
date 2008.07.25.02.55.27; author tonnerre; state Exp;
branches
1.1.2.1;
next ;
1.1.2.1
date 2008.07.25.02.55.27; author rtr; state dead;
branches;
next 1.1.2.2;
1.1.2.2
date 2008.07.25.10.06.29; author rtr; state Exp;
branches;
next ;
desc
@@
1.3
log
@Remove patch that is not in distinfo.
@
text
@$NetBSD: patch-an,v 1.2 2012/11/02 19:02:51 shattered Exp $
--- man/search.cgi.orig 2007-09-21 23:26:43.000000000 +0200
+++ man/search.cgi
@@@@ -255,7 +255,8 @@@@ if (@@rv == 1 && !$in{'check'}) {
}
# Display search results
-$for = join($in{'and'} ? " and " : " or ", map { "$_" } @@for);
+$for = join($in{'and'} ? " and " : " or ", map { "" . &html_escape($_) .
+ "" } @@for);
&ui_print_header(&text('search_for', $for), $text{'search_title'}, "");
if (@@rv) {
#@@rv = sort { $b->[4] <=> $a->[4] } @@rv;
@
1.2
log
@Update to 1.600. Closes PR/45066.
Too many changes to list here.
@
text
@d1 1
a1 1
$NetBSD: patch-an,v 1.1 2008/07/25 02:55:27 tonnerre Exp $
@
1.1
log
@Fix various cross site scripting, arbitrary command execution and various
other vulnerabilities in webmin (CVE-2008-0720).
@
text
@d1 1
a1 1
$NetBSD$
a14 10
@@@@ -280,7 +281,8 @@@@ if (@@rv) {
print &ui_columns_end();
}
else {
- print "",&text('search_none', "$in{'for'}"),"
\n";
+ print "
",&text('search_none', "" . &html_escape($in{'for'}) .
+ ""),"
\n";
}
&ui_print_footer("", $text{'index_return'});
@
1.1.2.1
log
@file patch-an was added on branch pkgsrc-2008Q2 on 2008-07-25 10:06:29 +0000
@
text
@d1 24
@
1.1.2.2
log
@pullup ticket #2462 requested by tonnerre
webmin: patch for various security vulnerabilities
revisions pulled up:
pkgsrc/sysutils/webmin/Makefile 1.24
pkgsrc/sysutils/webmin/distinfo 1.16
pkgsrc/sysutils/webmin/patches/patch-ac 1.3
pkgsrc/sysutils/webmin/patches/patch-aj 1.1
pkgsrc/sysutils/webmin/patches/patch-ak 1.1
pkgsrc/sysutils/webmin/patches/patch-al 1.1
pkgsrc/sysutils/webmin/patches/patch-am 1.1
pkgsrc/sysutils/webmin/patches/patch-an 1.1
pkgsrc/sysutils/webmin/patches/patch-ao 1.1
pkgsrc/sysutils/webmin/patches/patch-ap 1.1
pkgsrc/sysutils/webmin/patches/patch-aq 1.1
pkgsrc/sysutils/webmin/patches/patch-ar 1.1
pkgsrc/sysutils/webmin/patches/patch-as 1.1
pkgsrc/sysutils/webmin/patches/patch-at 1.1
pkgsrc/sysutils/webmin/patches/patch-au 1.1
pkgsrc/sysutils/webmin/patches/patch-av 1.1
pkgsrc/sysutils/webmin/patches/patch-aw 1.1
pkgsrc/sysutils/webmin/patches/patch-ax 1.1
pkgsrc/sysutils/webmin/patches/patch-ay 1.1
pkgsrc/sysutils/webmin/patches/patch-az 1.1
Module Name: pkgsrc
Committed By: tonnerre
Date: Fri Jul 25 02:55:28 UTC 2008
Modified Files:
pkgsrc/sysutils/webmin: Makefile distinfo
Added Files:
pkgsrc/sysutils/webmin/patches: patch-ac patch-aj patch-ak
patch-al patch-am patch-an patch-ao patch-ap patch-aq patch-ar patch-as
patch-at patch-au patch-av patch-aw patch-ax patch-ay
patch-az
Log Message:
Fix various cross site scripting, arbitrary command execution and
various other vulnerabilities in webmin (CVE-2008-0720).
@
text
@a0 24
$NetBSD: patch-an,v 1.1 2008/07/25 02:55:27 tonnerre Exp $
--- man/search.cgi.orig 2007-09-21 23:26:43.000000000 +0200
+++ man/search.cgi
@@@@ -255,7 +255,8 @@@@ if (@@rv == 1 && !$in{'check'}) {
}
# Display search results
-$for = join($in{'and'} ? " and " : " or ", map { "$_" } @@for);
+$for = join($in{'and'} ? " and " : " or ", map { "" . &html_escape($_) .
+ "" } @@for);
&ui_print_header(&text('search_for', $for), $text{'search_title'}, "");
if (@@rv) {
#@@rv = sort { $b->[4] <=> $a->[4] } @@rv;
@@@@ -280,7 +281,8 @@@@ if (@@rv) {
print &ui_columns_end();
}
else {
- print "
",&text('search_none', "$in{'for'}"),"
\n";
+ print "
",&text('search_none', "" . &html_escape($in{'for'}) .
+ ""),"
\n";
}
&ui_print_footer("", $text{'index_return'});
@